crypto/ec/ecx_key.c

   1 /*
   2  * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <string.h>
  11 #include <openssl/err.h>
  12 #include <openssl/proverr.h>
  13 #include "crypto/ecx.h"
  14 #include "internal/common.h" /* for ossl_assert() */
  15
  16 #ifdef S390X_EC_ASM
  17 # include "s390x_arch.h"
  18 #endif
  19
  20 ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey,
  21                           const char *propq)
  22 {
  23     ECX_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
  24
  25     if (ret == NULL)
  26         return NULL;
  27
  28     ret->libctx = libctx;
  29     ret->haspubkey = haspubkey;
  30     switch (type) {
  31     case ECX_KEY_TYPE_X25519:
  32         ret->keylen = X25519_KEYLEN;
  33         break;
  34     case ECX_KEY_TYPE_X448:
  35         ret->keylen = X448_KEYLEN;
  36         break;
  37     case ECX_KEY_TYPE_ED25519:
  38         ret->keylen = ED25519_KEYLEN;
  39         break;
  40     case ECX_KEY_TYPE_ED448:
  41         ret->keylen = ED448_KEYLEN;
  42         break;
  43     }
  44     ret->type = type;
  45     ret->references = 1;
  46
  47     if (propq != NULL) {
  48         ret->propq = OPENSSL_strdup(propq);
  49         if (ret->propq == NULL)
  50             goto err;
  51     }
  52
  53     ret->lock = CRYPTO_THREAD_lock_new();
  54     if (ret->lock == NULL) {
  55         ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB);
  56         goto err;
  57     }
  58     return ret;
  59 err:
  60     if (ret != NULL) {
  61         OPENSSL_free(ret->propq);
  62         CRYPTO_THREAD_lock_free(ret->lock);
  63     }
  64     OPENSSL_free(ret);
  65     return NULL;
  66 }
  67
  68 void ossl_ecx_key_free(ECX_KEY *key)
  69 {
  70     int i;
  71
  72     if (key == NULL)
  73         return;
  74
  75     CRYPTO_DOWN_REF(&key->references, &i, key->lock);
  76     REF_PRINT_COUNT("ECX_KEY", key);
  77     if (i > 0)
  78         return;
  79     REF_ASSERT_ISNT(i < 0);
  80
  81     OPENSSL_free(key->propq);
  82     OPENSSL_secure_clear_free(key->privkey, key->keylen);
  83     CRYPTO_THREAD_lock_free(key->lock);
  84     OPENSSL_free(key);
  85 }
  86
  87 void ossl_ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx)
  88 {
  89     key->libctx = libctx;
  90 }
  91
  92 int ossl_ecx_key_up_ref(ECX_KEY *key)
  93 {
  94     int i;
  95
  96     if (CRYPTO_UP_REF(&key->references, &i, key->lock) <= 0)
  97         return 0;
  98
  99     REF_PRINT_COUNT("ECX_KEY", key);
 100     REF_ASSERT_ISNT(i < 2);
 101     return ((i > 1) ? 1 : 0);
 102 }
 103
 104 unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key)
 105 {
 106     key->privkey = OPENSSL_secure_zalloc(key->keylen);
 107
 108     return key->privkey;
 109 }
 110
 111 int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen,
 112                          unsigned char *secret, size_t *secretlen, size_t outlen)
 113 {
 114     if (priv == NULL
 115             || priv->privkey == NULL
 116             || peer == NULL) {
 117         ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
 118         return 0;
 119     }
 120
 121     if (!ossl_assert(keylen == X25519_KEYLEN
 122             || keylen == X448_KEYLEN)) {
 123         ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
 124         return 0;
 125     }
 126
 127     if (secret == NULL) {
 128         *secretlen = keylen;
 129         return 1;
 130     }
 131     if (outlen < keylen) {
 132         ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
 133         return 0;
 134     }
 135
 136     if (keylen == X25519_KEYLEN) {
 137 #ifdef S390X_EC_ASM
 138         if (OPENSSL_s390xcap_P.pcc[1]
 139                 & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) {
 140             if (s390x_x25519_mul(secret, peer->pubkey, priv->privkey) == 0) {
 141                 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
 142                 return 0;
 143             }
 144         } else
 145 #endif
 146         if (ossl_x25519(secret, priv->privkey, peer->pubkey) == 0) {
 147             ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
 148             return 0;
 149         }
 150     } else {
 151 #ifdef S390X_EC_ASM
 152         if (OPENSSL_s390xcap_P.pcc[1]
 153                 & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) {
 154             if (s390x_x448_mul(secret, peer->pubkey, priv->privkey) == 0) {
 155                 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
 156                 return 0;
 157             }
 158         } else
 159 #endif
 160         if (ossl_x448(secret, priv->privkey, peer->pubkey) == 0) {
 161             ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
 162             return 0;
 163         }
 164     }
 165     *secretlen = keylen;
 166     return 1;
 167 }